Amendments to the Specification : 
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Please substitute the following paragraph for the paragraph beginning at line 6: 
This application claims priority of U. S. provisional Application S. N. 60/248,906, 
filed November 15, 2000, and assigned to the assignee of the present apphcation, as does 
concurrently filed related application 09 /973,776 (Docket Number FS-00510 
(02890037AA) ) both of which are hereby fully incorporated by reference. 
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Please substitute the following paragraph for the paragraph beginning at line 12: 
Figure 2 is a schematic diagram of the lock circuit of Figure 1 as embodied on a 
VME circuit cardsears, as is preferred. 
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Please substitute the following paragraph for the paragraph beginning at line 17: 
As will become clear from the following discussion, the present invention 
provides a secure, fault-tolerant network than can implement an arbitrary security policy 
with arbitrarily fine granularity and continue to provide service in the presence of a 
variety of hardware failures and security penetration attacks. This is accomplished by 
developing a networking subsystem by inclusion of enhancements which accommodate 
existing elements of network architecture and software and integrate fault tolerant olorant 
extensions of object oriented programming architecture, strong encryption strong 
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authentication at the node and data packet level and real-time active responses to 
detection of faults and attacks with enhanced sensitivity. 
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Please substitute the following paragraph for the paragraph beginning at line 4: 
More specifically. The PMC card 301 includes a dual ported RAM 309 to support 
simultaneous read and write operations from the PCI bus or the security encryption 
engine 307. and two network ports 303 and 305 . The security/encryption engine 307 
preferably has a B2 or better security rating and is configured to require authorization and 
authentication of the SPM board or network nodes with which it communicates. In this 
regard, it was noted above, that the SPM card assigns security association/identification 
information to data packets regardless of whether or not such an identification is made of 
a given user. Therefore, each operation or data packet through the node is authenticated 
as to originating with a known node of the network and the information so collected can 
be used for detection of "foreign" data packets and tracking of the origin of any attack to 
at least the boundary of any connected and similarly secured network. 

Page 20 

Please substitute the following paragraph for the paragraph beginning at line 8: 
It should be noted that the network shown in Figure 4 (without link 430) provides 
redundant communication links between all nodes of the network even though there are 
no links between nodes of the same tier, as is also preferred for pracfice of the invention. 
(In this regard, however, it should be recognized that the assignment of any given tier to 
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any given node is arbitrary.) For example, node 440 can communicate with node 450 
over communication links 437428, 423, 419 and 421; 437428, 41 5, 418 and 425; or 
427428, 4 1 9, 4 1 7 and 425. Other redundant paths would exist if the network were 
extended to more tiers and/or more nodes per tier. 
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PI ease substitute the following paragraph for the paragraph beginning at line 24: 
The articulation of any communication path between any client and any server 
node in the network of Figure 4 that is achieved by the invention is shown in a 
generalized form 609 in Figure 6. It can be appreciated from Figure 4 that most 
communications or sessions between nodes will involve communications through a 
plurality of nodes since the direct connectivity of any given node is preferably limited for 
hardware economy. For purposes of this illustration, node 61 1 is the client node and node 
617 is the server node and each has its own routers and SPM card 61 1', 617\ SPM cards 
601, 603, 605 and 607 are at different respective nodes as are routers 613 and 615. 
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Please substitute the following paragraph for the paragraph beginning at line 26: 
In prior networks, a user, once identified and authenticated, has access to the 
entire network insofar as the authorization for that user extends and a session would 
extend from the client node to the server node. In accordance with the invention, 
however, that session is divided into a plurality of secure sessions of different, serially 
connected security domains, as illustrated in Figure 6. If any security domain (e.g. 
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security domain A 60K B 621 or C 623 ) involved in the connectivity thus established is 
then compromised in any detectable manner or a fault occurs, that compromise and/or 
fault is reported and logged, the node at which the fault or attack occurs is isolated and 
the routers controlled to establish other secure sessions over redundant communication 
links, as shown in Figure 7. 
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Please substitute the following paragraph for the paragraph beginning at line 1 1 : 
Figure 8 illustrates application of the invention to a heterogeneous network 833 
including both trusted and untrusted nodes. It should be appreciated that such a system 
could result during incremental retrofitting of the invention into an existing network 
system or as a final configuration of a network intended to include both trusted and 
untrusted nodes. In the former case, the invention would generally be employed at the 
locations were considered to be most critical for security although, as alluded to above, 
firewalls can be defeated with relative ease at the present state of the art. It will also be 
recognized that the deployment of the structure discussed above in connection with 
Figures 1 and 2 essentially forms a router interface device 835 at the edge of a secure 
network protected in accordance with the invention as a plurality of standard router 
network interface controllers (NIC) 837. 
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